fuzz: never return an uninitialized sockaddr in FuzzedSock::GetSockName

The fuzz provider's `ConsumeData` may return less data than necessary to fill the sockaddr struct and still return success. Fix this to avoid the caller using uninitialized memory.
2025-07-28 18:23:16 +02:00 · 2025-01-22 11:49:33 -05:00
parent 39b7e2b590
commit 0d472c1953
1 changed files with 2 additions and 0 deletions
--- a/src/test/fuzz/util/net.cpp
+++ b/src/test/fuzz/util/net.cpp
@@ -357,7 +357,9 @@ int FuzzedSock::GetSockName(sockaddr* name, socklen_t* name_len) const
        SetFuzzedErrNo(m_fuzzed_data_provider, getsockname_errnos);
        return -1;
    }
+    assert(name_len);
    *name_len = m_fuzzed_data_provider.ConsumeData(name, *name_len);
+    if (*name_len < (int)sizeof(sockaddr)) return -1;
    return 0;
 }